hailin 816c5461f9 feat(auth): add platform_super_admin role for two-level platform access control
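Adds a platform_super_admin role above platform_admin, implementing a two-level permission system for platform administrators.

## Role hierarchy

  platform_super_admin > platform_admin > admin > operator > viewer

- platform_super_admin: highest platform privilege; includes all platform_admin operations plus destructive operations (deleting tenants/users/versions)
- platform_admin: day-to-day platform operations; can view/edit tenants, manage App versions, and configure billing plans, but cannot perform deletions

## Change details

### auth-service — role-type.vo.ts
- Added RoleType.PLATFORM_SUPER_ADMIN = 'platform_super_admin'

### auth-service — tenant.controller.ts
- Tenant list/create/view/edit: @Roles('platform_admin', 'platform_super_admin') (both levels allowed)
- Delete tenant DELETE /:id: @Roles('platform_super_admin') (super admin only)

### auth-service — user.controller.ts
- Class level: @Roles('platform_admin', 'platform_super_admin') (both levels can access user list/create/edit)
- Delete user DELETE /:id: @Roles('platform_super_admin') (super admin only)

### version-service — guards/platform-admin.guard.ts
- Updated: accepts either the platform_admin or the platform_super_admin role
- Refactored: extracted the decodeJwtRoles() utility function for reuse by PlatformSuperAdminGuard

### version-service — guards/platform-super-admin.guard.ts (new file)
- Accepts only the platform_super_admin role
- Used stacked with PlatformAdminGuard (class level) to enforce a method-level super admin restriction

### version-service — version.controller.ts
- DELETE /:id: additionally applies @UseGuards(PlatformSuperAdminGuard) (only super admins can delete version files)

### web-admin — sidebar.tsx
- The isPlatformAdmin check covers both platform_admin and platform_super_admin
- Both levels of platform administrator see the same sidebar menu

## Upgrading an existing account to platform_super_admin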
  UPDATE public.users SET roles = '{platform_super_admin}' WHERE email = 'xxx@xxx.com';

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-07 01:17:27 -08:00
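
The guard stacking described in the commit message above, as an added example in plain TypeScript (not the project's code, and without NestJS): a class-level check that accepts either platform role, with a method-level super-admin check stacked on DELETE. It assumes HS256 tokens carrying a `roles` array claim and reads roles only after the signature verifies; `DEMO_SECRET`, `signJwt`, `verifiedRoles`, `routes` and `authorize` are hypothetical names.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

const DEMO_SECRET = "constructed-demo-secret"; // constructed; a real key comes from config
const b64url = (s: string): string => Buffer.from(s, "utf8").toString("base64url");
const hmac = (data: string, secret: string): Buffer =>
  createHmac("sha256", secret).update(data).digest();

// Constructed helper: mints sample HS256 tokens for exercising the guards.
function signJwt(payload: object, secret: string): string {
  const signed = `${b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }))}.${b64url(JSON.stringify(payload))}`;
  return `${signed}.${hmac(signed, secret).toString("base64url")}`;
}

// Roles are returned only from a token whose signature verifies; anything else yields [].
function verifiedRoles(token: string, secret: string): string[] {
  const parts = token.split(".");
  const [head = "", body = "", sig = ""] = parts;
  if (parts.length !== 3) return [];
  const given = Buffer.from(sig, "base64url");
  const expected = hmac(`${head}.${body}`, secret);
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return [];
  try {
    const header = JSON.parse(Buffer.from(head, "base64url").toString("utf8"));
    const claims = JSON.parse(Buffer.from(body, "base64url").toString("utf8"));
    if (header.alg !== "HS256" || !Array.isArray(claims.roles)) return [];
    return claims.roles.filter((r: unknown): r is string => typeof r === "string");
  } catch {
    return [];
  }
}

type Guard = (roles: string[]) => boolean;
const platformAdminGuard: Guard = (r) =>
  r.includes("platform_admin") || r.includes("platform_super_admin");
const platformSuperAdminGuard: Guard = (r) => r.includes("platform_super_admin");

// Method-level guards; the class-level guard is applied to every route in authorize().
const routes = new Map<string, Guard[]>([
  ["GET /", []],
  ["DELETE /:id", [platformSuperAdminGuard]],
]);

// Stacked guards are ANDed: class-level first, then each method-level guard.
function authorize(route: string, token: string, secret: string): boolean {
  const methodGuards = routes.get(route);
  if (!methodGuards) return false; // unlisted route: deny by default
  const roles = verifiedRoles(token, secret);
  return [platformAdminGuard, ...methodGuards].every((g) => g(roles));
}
```
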
deploy feat(chat): voice-to-text fills input box instead of auto-sending 2026-03-06 07:01:39 -08:00
docs docs: add comprehensive deployment guide 2026-02-18 16:54:00 -08:00
it0-web-admin feat(auth): add platform_super_admin role for two-level platform access control 2026-03-07 01:17:27 -08:00
it0_app fix(stt): always use Whisper auto language detection, remove app language hint 2026-03-07 00:03:58 -08:00
packages feat(auth): add platform_super_admin role for two-level platform access control 2026-03-07 01:17:27 -08:00
.dockerignore fix: add Dockerfiles and fix docker-compose build configuration 2026-02-19 04:31:23 -08:00
.env.example Initial commit: IT0 AI-powered server cluster operations platform 2026-02-08 22:54:37 -08:00
.gitignore fix: fix .gitignore mistakenly ignoring Flutter data/models/ source code, causing build failure 2026-02-22 16:29:03 -08:00
Dockerfile.service fix(billing-service): add to Dockerfile.service and update pnpm lockfile 2026-03-03 21:27:35 -08:00
README.md Initial commit: IT0 AI-powered server cluster operations platform 2026-02-08 22:54:37 -08:00
entrypoint.sh refactor: clean up agent SSH setup after fixing host-local routing 2026-02-26 18:11:44 -08:00
logo.svg feat: rename app from IT0 to iAgent (我智能体) 2026-02-22 06:39:40 -08:00
package.json Initial commit: IT0 AI-powered server cluster operations platform 2026-02-08 22:54:37 -08:00
pnpm-lock.yaml fix(agent-service): add multer as explicit runtime dependency 2026-03-06 07:10:22 -08:00
pnpm-workspace.yaml Initial commit: IT0 AI-powered server cluster operations platform 2026-02-08 22:54:37 -08:00
tsconfig.base.json Initial commit: IT0 AI-powered server cluster operations platform 2026-02-08 22:54:37 -08:00
turbo.json fix: rename turbo.json pipeline to tasks for Turbo 2.x compatibility 2026-02-19 04:44:25 -08:00

README.md

IT0 — AI-Powered Server Cluster Operations Platform

Intelligent operations platform that combines AI agents with human oversight for managing server clusters.

Architecture

  • Backend: NestJS microservices (TypeScript) with DDD + Clean Architecture
  • Mobile: Flutter app with Riverpod state management
  • Web Admin: Next.js dashboard with Zustand + React Query
  • Voice: Python service for voice-based interaction (STT/TTS/VAD)

Services

| Service | Description |
|---|---|
| auth-service | Authentication, RBAC, API key management |
| agent-service | AI agent orchestration (Claude CLI + API) |
| inventory-service | Server, cluster, credential management |
| monitor-service | Metrics collection, alerting, health checks |
| ops-service | Task execution, approvals, standing orders |
| comm-service | Multi-channel notifications, escalation |
| audit-service | Audit logging, compliance trail |
| voice-service | Voice pipeline (Python) |

Quick Start

# Backend
pnpm install
pnpm dev

# Flutter
cd it0_app && flutter pub get && flutter run

# Web Admin
cd it0-web-admin && pnpm install && pnpm dev

Tech Stack

  • Runtime: Node.js 20+, Dart 3.x, Python 3.11+
  • Database: PostgreSQL (schema-per-tenant)
  • Cache/Events: Redis Streams
  • AI: Anthropic Claude (CLI + API)
  • Build: pnpm workspaces + Turborepo